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DETAILED ACTION 

1 . Claims 2, 5, 8, and 1 1 were cancelled by the amendment filed on September 28, 
2007. 

2. Claims1,3-4, 6-7, 9-10, and 12-23 are pending. 

Response to Arguments 

3. The applicants arguments with respect to the objections directed at claims 1 and 
9 (Office Action dated June 4, 2007, paragraph 3) are persuasive and the 
objections are hereby withdrawn. 

4. The applicant argues with respect to the 35 USC § 101 and 35 USC § 112 2"" 
paragraph rejections directed at claims 1-3 (paragraphs 7 and 12 of previous 
Office Action) that claim 1 is clearly directed to a process. 

5. The examiner disagrees. Claim 1 recites, "A method, comprising..." (line 1) and 
recites elements that have actions preformed upon them, e.g. "a first 
authentication server and other authentication servers each receiving respective 
unique realm names." A method or a process is a series of steps or actions, thus 
making it unclear, with respect to claim 1 , how a method can be defined as a list 
of elements. How can a method comprise elements? A method or process claim 
may refer to elements, but such a claim comprises steps that interact with the 
elements. For example, in order for claim 1 to comply with 35 USC § 101, it 
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would need to recite something along the lines of "A method comprising: 
receiving respective unique realm names at each of a first authentication server 
and other authentication servers..." Therefore, these rejections have been 
maintained and are repeated below. 

6. The applicant argues with respect to the 35 USC § 101 rejections directed claims 
18-19 that that it would be obvious to one of ordinary skill in the art that the 
claims are directed to elements of an electronic device, elements that can be 
implemented as instructions executable by a processor and stored on a 
processor-readable storage structure, or as application- specific integrated 
circuits. 

7. The examiner disagrees. As the applicant has pointed out, "the elements that 
can be implemented as instructions executable by a processor and stored on a 
processor-readable storage structure, or as application- specific integrated 
circuits." Simply, because the elements ("instructions") can be implemented... 
and stored does not necessarily mean the elements ("instructions") are stored, 
and as the claims do not explicitly state that they are, given the broadest 
reasonable interpretation, the claims are directed to functionally descriptive 
material that is not embodied on a computer system or computer readable 
storage medium which is non-statutory. Therefore, these rejections have been 
maintained and are repeated below. 
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8. The applicant argues with respect to the 35 USC § 1 12 2"'' paragraph rejections 
directed at claims 10 and 12 (paragraphs 15-17 of the previous Office Action) 
that claims 10 and 12 are clearly dependent claims. 

9. The examiner disagrees. 35 USC § 1 12 4'*' paragraph provides, "a claim in 
dependent form shall contain a reference to a claim previously set forth and then 
specify a further limitation of the subject matter claimed." It is unclear how 
claims 10 and 12 specify further limitations of the claims from which they depend 
(claims 4 and 6). Claims 4 and 6 recite an authentication server; claims 10 and 
12 do not recite further limitations of an authentication server (i.e. they do not 
recite elements of an authentication sen/er, but rather authentication servers in 
specified environments). Therefore, these rejections have been maintained and 
are repeated below. 

10. The applicant argues with respect to the Independent claims 1 , 4, 7, 13, 15, 20, 
and 22 that Cheng (US Pat. No. 5,544,322) does not teach receiving a request 
for reauthentication. 

1 1 .The examiner disagrees. Cheng discloses authentication via an authentication 
sender (column 5, lines 31-35) and a subsequent application request to an 
application server which includes an authentication certificate (column 5, lines 
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43-52, i.e. the client is reauthenticated by the application server). The examiner 
additionally, apologizes for the typographical error in the rejections of claims 2, 5, 
8, and 16 of the previous Office action (paragraph 28). The examiner cited 
column 4, lines 43-47, but Intended to cite column 5, lines 43-47 as was done 
previously with synonymous limitations in claim 13. 

12. The applicant further argues with respect to claims 18 and 19 that Limsico (US 
Pat. 6,662,228) fails teach a request for reauthenticatlon. 

13. The examiner disagrees. Limsico discloses a previously authenticated user 
attempting authentication through a local authentication server which fonwards 
the request to a second authentication server (column 6, lines 12-27, the second 
authentication server is the server that has previously authenticated the user). 

14. Additionally, 35 USC § 1 12 2""* paragraph rejections presented in this Office 
action were necessitated by amendment. 

Claim Rejections • 35 USC § 101 

15. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 
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16. Claims 1, 3 and 18-19 are rejected under 35 U.S.C. because the claimed 
invention is directed to non-statutory subject matter. 

17. Claim 1 recites, "A method, comprising..." (line 1) and recites limitations that are 
not steps such as, "a first authentication sen/er and other authentication servers 
each receiving respective unique realm names." (lines 4-5) As the claim is 
directed to a method with system claim limitations, the claim is directed to neither 
a "process" nor a "machine," but rather overlaps two different statutory classes of 
invention set forth in 35 U.S.C. 101 which is drafted so as to set forth the 
statutory classes of invention in the alternative only. 

18. Claim 3 is rejected by the same rationale set forth In claim 1's rejection. 

19. Claims 18-19 recite, "An authentication network element, comprising..." and all 
the limitations are software elements (determining and preparing means). 
Therefore the claims are directed to functionally descriptive material that is not 
embodied on a computer system or computer readable storage medium which is 
non-statutory. 

Claim Rejections - 35 USC §112 

20. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 
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21. Claims 1, 3, 10, and 12, rejected under 35 U.S.C. 112, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. 

22. Claim 1 recites, "A method, comprising..." (line 1) and recites limitations that are 
not steps such as, "a first authentication server and other authentication servers 
each receiving respective unique realm names." (lines 4-5) It Is unclear how a 
method can comprise limitations that are not steps, but system components. A 
method or a process is a series of steps or actions, thus making it unclear, with 
respect to claim 1 , how a method can be defined as a list of elements. How can 
a method comprise elements? A method or process claim may refer to 
elements, but such a claim comprises steps that interact with the elements. 

23. Claim 3 is rejected by the same rationale set forth in claim 1's rejection. 

24. Claim 1 recites, "the authentication network element determining the unique 
realm name indicating the authentication server that performed the full 
authentication by the authentication network element from the reauthentication 
identity included In the request for reauthentication" (lines 14-18). The statement 
is difficult to Interpret as there are grammatical errors, the examiner can only 
assume it should read something along the lines of, "the authentication network 
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element determining the unique realm name which indicates the authentication 
server that performed the full authentication from the reauthentication identity 
included in the request for reauthentication" ("by the authentication network 
element" was also removed from the quotation) and the examiner will interpret 
the claim as such. 

25. Claim 1 recites, "the full authentication. " This lacks antecedent basis in the 
claim. 

26. Claim 10, recites, "wherein at least two of the authentication servers are as In 
claim 4" (line 7) it is unclear whether the claim is an independent system claim or 
is a dependent claim furthering limiting the apparatus claim of claim 4. 35 USC § 
112 4*'' paragraph provides, "a claim in dependent form shall contain a reference 
to a claim previously set forth and then specify a further limitation of the 
subject matter claimed." It is unclear how claim 10 specifies further limitations 
of the claim from which it depend (claim 4). Claim 4 recites an authentication 
server; claim 10 does not recite further limitations of an authentication server (i.e. 
it does not recite elements of an authentication server, but rather authentication 
servers in a specified environment). 

27. Claim 12, recites, "wherein at least two of the authentication servers are as in 
claim 6" (line 7) it is unclear whether the claim is an independent system claim or 
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is a dependent claim furthering limiting the apparatus claim of claim 6. 35 (JSC § 
1 12 4**^ paragraph provides, "a claim in dependent form shall contain a reference 
to a claim previously set forth and then specify a further limitation of the 
subject matter claimed." It is unclear how claim 12 specifies further limitations 
of the claim from which it depend (claim 6). Claim 6 recites an authentication 
server; claim 12 does not recite further limitations of an authentication server (i.e. 
it does not recite elements of an authentication server, but rather authentication 
servers in a specified environment). 



Claim Rejections - 35 USC § 102 

28.The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



29. Claims 1, 4, 7, 10. 13, 15-16, 20, and 22 are rejected under 35 U.S.C. 102(b) as 
being anticipated by Cheng etal (US Pat. 5,544,322), hereafter Cheng. 
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30. As to claim 1 , Cheng discloses a method, comprising: 

a first authentication server and other authentication servers each receiving 
respective unique realm names (column 5, lines 19-24); 

the first authentication server receiving a request for authentication of a 
terminal (column 5, lin^s 31-35); and 

during authentication between the terminal and the first authentication server, 
the first authentication server transmitting to the terminal a reauthentication 
identity including the unique realm name assigned to the first authentication 
server (column 5, lines 36-42, the certificate is "a reauthentication identity" and 
will inherently identify the authentication server and its unique realm); 

an authentication network element receiving a request for reauthentication 
transmitted by the terminal using the reauthentication identity including the 
unique realm name (column 5, lines 43-47); and 

the authentication network element detemiining from the reauthentication 
identity included in the request the unique realm name indicating the 
authentication server that performed the full authentication by the authentication 
element from the reauthentication identity included in the request for 
reauthentication (column 5, lines 43-52). 

31. As to claim 4, Cheng discloses an authentication server (column 5, lines 19-24), 
comprising: 

means for performing authentication (column 5, lines 31-35); and 
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means for transmitting to a temiinal requesting autlientication a 
reauthentication identity including a unique realm name uniquely identifying the 
authentication server (column 5, lines 36-42, the certificate is "a reauthentication 
identity" and will inherently identify the authentication server and its unique 
realm), 

means for performing reauthentication of the terminal upon receipt of a 
request for authentication conveying the reauthentication identity including a 
unique realm name uniquely identifying the authentication server (column 5, lines 
43-47); and 

means for receiving a request by a temiinal for reauthentication, wherein the 
request includes the reauthentication identity, and for determining from the 
reauthentication Identity the unique realm name Included in the request (column 
5. lines 43-52). 

32. As to claim 7, Cheng discloses a computer program product comprising: 

a computer readable storage structure embodying computer program code 
thereon for execution by a computer processor in an authentication server, 
wherein said computer program code includes instructions for: 

transmitting to a terminal requesting authentication a reauthentication identity 
including a unique realm name uniquely identifying the authentication server 
(column 5, lines 36-42, the certificate is "a reauthentication identity" and will 
inherently identify the authentication server and its unique realm). 
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receiving a request by a terminal for reauthentication, wherein the request 
includes the reauthentication identity (column 5, lines 43-47); and 

determining from the reauthentication identity the unique realm name 
included in the request (column 5, lines 43-52). 

33. As to claim 13, Cheng discloses a tenninal, comprising: 

means for requesting reauthentication of a communication session between 
the terminal and a content server (column 5, lines 43-46, client reads on terminal 
and application server reads on content server); 

means for receiving from a first authentication server a reauthentication 
identity including a unique realm name assigned to the first authentication server 
(column 5, lines 36-42, the certificate is "a reauthentication identity" and will 
inherently identify the authentication server and its unique realm); and 

means for transmitting to an authentication network element a request for 
reauthentication using the reauthentication identity including the unique realm 
name (column 5, lines 43-52, authentication library reads on "authentication 
network element"). 



34. As to claim 15, it is rejected by the same rationale set forth in claim 4's rejection. 



35. As to claims 20 and 22, they are rejected by the same rationale set forth in claim 
13's rejection. 
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36. As to claim 10, Cheng discloses a system, comprising a plurality of terminals, a 
plurality of authentication servers, and at least one content server (Figs. 1 and 2), 
the terminals operative so as to request content from the content server after 
authentication (column 8, lines 48-51) and occasional reauthentication with one 
or another of the authentication servers, wherein at least two of the 
authentication servers are as in claim 4 (column 5, lines 31-35). 

37. As to claim 16, Cheng discloses determining from the reauthentication identity 
the unique realm name included in a request in by a tenninal for reauthentication, 
wherein the request includes the reauthentication identity (column 5, lines 43-52). 

38. Claims 18-19 are rejected under 35 U.S.C. 102(e) as being anticipated by 
LImsico (US Pat. 6,662,228). 

39. As to claim 18, Limsico discloses an authentication network element, comprising: 

means for determining from a reauthentication identity included in a request 
for reauthentication transmitted by a terminal a unique realm name included in 
the request and uniquely indicating an authentication server (column 6, lines 12- 
27, the user identification (reauthentication identity) is checked to see if it 
contains a substring of characters which identifies a second authentication server 
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(the authentication server recited in the claim) from which the user can be 
verified); and 

means for preparing a message for fonwarding the request to the 
authentication server indicated by the unique realm name (column 6, lines 12-27, 
the user identification information is sent to the second authentication server). 

40. As to claim 19, it is rejected by the same rationale set forth in claim 18's 
rejection. 

Claim Rejections - 35 USC § 103 

41. The following is a quotation of 35 U.S.C. 103(a) which fomis the basis for all 
obviousness rejections set forth in this OfTice action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

42. Claims 3, 6, 9, 12, and 17 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cheng as applied to claims 1, 4, 7, and 15 above, and in view 
of Limsico. 

43. As to claim 3, Cheng discloses the invention substantially with regard to the 
parent claim 1 . but does not disclose the authentication network element 
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forwarding the request to the authentication server indicated by the unique realm 
name included as part of the reauthentication identity; and the terminal and the 
authentication server indicated by the unique realm name pertonning 
reauthentication. 

However, Limsico discloses a authentication network element forwarding a 
request to a authentication server indicated by a unique realm name included as 
part of the reauthentication identity (column 6, lines 12-27, the user identification 
(reauthentication identity) is checked to see if it contains a substring of 
characters which identifies a second authentication server (the authentication 
server recited in the claim) to which the user identification information is sent so it 
can be verified); and the temriinal and the authentication server indicated by the 
unique realm name performing reauthentication (column 6, lines 12-27). 

Therefore it would have been obvious to one of ordinary skill in the art at the 
time of the Invention to combine the teachings of Cheng and Limsico in order to 
have a central repository of authentication information thereby permitting easier 
removal, replacement, and addition of users to a single database instead of 
requiring updating separate database (Limsico, column 3, lines 35-43). 



44. As to claim 6, 9, and 17, Cheng discloses the invention substantially with regard 
to the parent claims 4, 7, and 15, and but does not disclose means for forwarding 
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the request to another authentication server If the unique realm name indicates 
another authentication server. 



However, Limsico discloses means for forwarding the request to another 
authentication server if the unique realm name indicates the other authentication 
server (column 6, lines 12-27, the user identification (reauthentication identity) is 
checked to see if it contains a substring of characters which identifies a second 
authentication server (the authentication server recited in the claim) to which the 
user identification information is sent so it can be verified). 



Therefore it would have been obvious to one of ordinary skill in the art at the 
fime of the invention to combine the teachings of Cheng and Limsico in order to 
have a central repository of authentication information thereby permitting easier 
renioval, replacement, and addition of users to a single database instead of 
requiring updating separate database (Limsico, column 3, lines 35-43). 

45. As to claim 12, Cheng and Limsico disclose the invention substantially with 
regard to the parent claim 6, and further discloses a system, comprising a 
plurality of terminals, a plurality of authentication servers, and at least one 
content server (Cheng, Figs. 1 and 2), the terminals operative so as to request 
content from the content server after authentication (Cheng, column 8, lines 48- 
51) and occasional reauthentication with one or another of the authentication 
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servers, wherein at least two of the authentication servers are as in claim 4 
(Cheng, column 5, lines 31-35). 

46. Claims 14, 21, and 23, are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cheng as applied to claims 13, 20. and 22 above, and in view 
of Barriga-Caceres et al (US Pub No. 2003/0163733), hereafter "Barriga." 

47. As to claims 14, 21, and 23, Cheng discloses the invention substantially with 
regard to the parent claims 13, 20, and 22, and further discloses means for 
transmitting to an authentication network element a request for reauthentication 
using the reauthentication identity including the unique realm name includes the 
reauthentication identity in an identity response packet. 

But, Cheng does not disclose the identity response packet is according to an 
Extensible Authentication Protocol. 

However, Barriga discloses an authentication system (Abstract) that utilizes 
an Extensible Authentication Protocol ([0101]). 

Therefore it would have been obvious to one of ordinary skill in the art at the 
time of the invention to combine the teachings of Cheng and Barriga in order to 
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utilize a well-known protocol in the art that would allow Cheng's system to be 
compatible with other, already deployed, systems. 

Conclusion 

48. Applicant's amendment necessitated the new ground(s) of rejection presented In 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 
37 CFR 1.136(a). 

49. A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed 
within TWO MONTHS of the mailing date of this final action and the advisory 
action is not mailed until after the end of the THREE-MONTH shortened statutory 
period, then the shortened statutory period will expire on the date the advisory 
action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be 
calculated from the mailing date of the advisory action. In no event, however, will 
the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

50. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Thomas J. Dailey whose telephone number is 
571-270-1246. The examiner can normally be reached on Monday thru Friday; 
9:00am - 5:00pm. 
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51 . If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Bunjob Jaroenchonwanit can be reached on 571-272-3913. The fax 
phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

52. Infomiation regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR, 
Status infonnation for unpublished applications is available through Private PAIR 
only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 





